﻿
using IdentityServer4.Models;
using System;
using System.Collections.Generic;
using Microsoft.AspNetCore.Identity;
using IdentityModel;
using IdentityServer4Blazor.Model;

namespace IdentityServer4Blazor.Server
{
    public static class Config
    {
        public static IEnumerable<IdentityResource> IdentityResources =>
            new IdentityResource[]
            {
                new IdentityResources.OpenId(),
                new IdentityResources.Profile(),
                new IdentityResources.Address(),
                new IdentityResources.Phone(),
                new IdentityResources.Email(),
                new IdentityResource("custom","公共信息",new string[]{JwtClaimTypes.Role,JwtClaimTypes.Profile,JwtClaimTypes.Address,JwtClaimTypes.PhoneNumber,JwtClaimTypes.NickName,JwtClaimTypes.Email})
            };
        public static IEnumerable<ApiResource> ApiResource =>
            new ApiResource[]
            {
                new ApiResource{ Scopes=new List<string>{ "IdentityServer4Api" },Name="IdentityServer4Api",DisplayName="身份认证中心Api",UserClaims=new List<string>{ "role"}},
                new ApiResource{ Scopes=new List<string>{ "BlogApi" },Name="BlogApi",DisplayName="博客Api",UserClaims=new List<string>{ "role"}},
            };

        public static IEnumerable<IdentityServer4.Models.Client> Clients =>
            new IdentityServer4.Models.Client[]
            { new IdentityServer4.Models.Client{  
                ClientName="IdentityServer4Client",
                ClientId="IdentityServer4Client",
                ClientUri="http://localhost:5000",
                RedirectUris=new List<string>
                {
                    "http://localhost:5000",
                    "http://localhost:5000/account/callback",
                    "http://localhost:5000/account/refresh" 
                },
                AllowedScopes=new HashSet<string>{ "IdentityServer4Api","openid","custom" },
                AllowedGrantTypes = GrantTypes.Code ,
                ClientSecrets = new List<Secret>{
                    new Secret("IdentityServer4Client".Sha256(), "IdentityServer4Client") 
                },
                RequireClientSecret = false,
                AllowOfflineAccess = true,
                PostLogoutRedirectUris= new List<string>{ "http://localhost:5000" }
            },

               new IdentityServer4.Models.Client{ 
                   ClientName="BlogIdentityServer4.Models.Client",
                   RedirectUris=new List<string>{"http://localhost:7000/" },
                   ClientId=Guid.NewGuid().ToString(),
                   ClientUri="http://192.168.168.6:7000/",
                   AllowedScopes=new HashSet<string>{ "BlogApi" },
                   AllowedGrantTypes = GrantTypes.Implicit,ClientSecrets = new List<Secret>
                   { 
                       new Secret("BlogIdentityServer4.Models.Client".Sha256(), "BlogIdentityServer4.Models.Client") 
                   },
                   AllowedCorsOrigins = new List<string>(){ "http://192.168.168.6:7000" }
               }
            };
        public static List<ApiScope> ApiScopes => new List<ApiScope> { new ApiScope { Name = "IdentityServer4Api", DisplayName = "身份认证中心Api" } };
        public static Role Role => new Role { Id = 1, Name = "admin" };
        public static User User => new User {NickName="妄揽明月", UserName = "admin", PasswordHash = @"AQAAAAEAACcQAAAAEFaX8CMbgXN+UlY9Rv0YnnlYRimaHkt1BbuhCXY3/Q8rDehrHc//LuVd2S7Unx8ObA==", Email = "798513422@qq.com", Id = 1, NormalizedUserName = "ADMIN", UserRoles = new List<UserRole> { new UserRole { UserId = 1, RoleId = 1 } } };
        public static IdentityUserClaim<int> IdentityUserClaim => new IdentityUserClaim<int> { UserId = 1, ClaimType = JwtClaimTypes.Role, ClaimValue = "admin" };
    }
}
